mm [Fri, 31 Mar 2017 20:16:24 +0000 (20:16 +0000)]
MFC r315636,315876,316095:
Sync libarchive with vendor
Vendor changes/bugfixes (FreeBSD-related):
r315636:
PR 867 (bsdcpio): show numeric uid/gid when names are not found
PR 870 (seekable zip): accept files with valid ZIP64 EOCD headers
PR 880 (pax): Fix handling of "size" pax header keyword
PR 887 (crypto): Discard 3072 bytes instead of 1024 of first keystream
OSS-Fuzz issue 806 (mtree): rework mtree_atol10 integer parser
Break ACL read/write code into platform-specific source files
r315876:
Store extended attributes with extattr_set_link() if no fd is provided
Add extended attribute tests to libarchive and bsdtar
Fix tar's test_option_acls
Support the UF_HIDDEN file flag
r316095:
Constify variables in several places
Unify platform ACL code in a single source file
Fix unused variable if compiling on FreeBSD without NFSv4 ACL support
ed [Fri, 31 Mar 2017 08:43:07 +0000 (08:43 +0000)]
MFC r315892:
Include <sys/systm.h> to obtain the memcpy() prototype.
I got a report of this source file not building on Raspberry Pi. It's
interesting that this only fails for that target and not for others.
Again, that's no reason not to include the right headers.
truckman [Fri, 31 Mar 2017 06:20:06 +0000 (06:20 +0000)]
MFC r315516
Change several constants used by the PIE algorithm from unsigned to signed.
- PIE_MAX_PROB is compared to variable of int64_t and the type promotion
rules can cause the value of that variable to be treated as unsigned.
If the value is actually negative, then the result of the comparsion
is incorrect, causing the algorithm to perform poorly in some
situations. Changing the constant to be signed cause the comparision
to work correctly.
- PIE_SCALE is also compared to signed values. Fortunately they are
also compared to zero and negative values are discarded so this is
more of a cosmetic fix.
- PIE_DQ_THRESHOLD is only compared to unsigned values, but it is small
enough that the automatic promotion to unsigned is harmless.
dchagin [Thu, 30 Mar 2017 20:12:23 +0000 (20:12 +0000)]
MFC r314402:
FreeBSD does not have analgue for epoll EPOLLPRI event type.
So, do not set EPOLLPRI event acidently.
Also, do not set EPOLLWRNORM and EPOLLRDNORM events as epoll
do not set this events.
dchagin [Thu, 30 Mar 2017 20:00:57 +0000 (20:00 +0000)]
MFC r314293:
Return EOVERFLOW error in case then the size of tv_sec field of struct timespec
in COMPAT_LINUX32 Linuxulator's not equal to the size of native tv_sec.
tsoome [Thu, 30 Mar 2017 17:23:40 +0000 (17:23 +0000)]
boot1.efi: can't boot from ZFS on 4kn HDD
The boot1.efi immediate issue from PR216964 is that we are reading into
too small buffer, from UEFI spec 2.6:
The size of the Buffer in bytes. This must be a multiple of the intrinsic block size of the device.
The secondary issue is that LBA calculation does not check reminder from
division.
This fix does check the provided buffer size and if we read less than
media sector size or the read offset is not aligned to sector boundary,
we allocate bounce buffer and perform the read by single sector.
ae [Thu, 30 Mar 2017 14:20:27 +0000 (14:20 +0000)]
MFC r303018:
Add named dynamic states support to ipfw(4).
The keep-state, limit and check-state now will have additional argument
flowname. This flowname will be assigned to dynamic rule by keep-state
or limit opcode. And then can be matched by check-state opcode or
O_PROBE_STATE internal opcode. To reduce possible breakage and to maximize
compatibility with old rulesets default flowname introduced.
It will be assigned to the rules when user has omitted state name in
keep-state and check-state opcodes. Also if name is ambiguous (can be
evaluated as rule opcode) it will be replaced to default.
MFC r304087:
Do not warn about ambiguous state name when we inspect a comment token.
MFC r304089:
Add an ability to attach comment to check-state rules.
MFC r310727 (by marius):
Fix a bug in r272840; given that the optlen parameter of setsockopt(2)
is a 32-bit socklen_t, do_get3() passes the kernel to access the wrong
32-bit half on big-endian LP64 machines when simply casting the 64-bit
size_t optlen to a socklen_t pointer.
While at it and given that the intention of do_get3() apparently is to
hide/wrap the fact that socket options are used for communication with
ipfw(4), change the optlen parameter of do_set3() to be of type size_t
and as such more appropriate than uintptr_t, too.
MFC r315305:
Change the syntax of ipfw's named states.
Since the state name is an optional argument, it often can conflict
with other options. To avoid ambiguity now the state name must be
prefixed with a colon.
r314547
loader.efi: reduce the size of the staging area if necessary
The loader assumes physical memory in [2MB, 2MB + EFI_STAGING_SIZE)
is Conventional Memory, but actually it may not, e.g. in the case
of Hyper-V Generation-2 VM (i.e. UEFI VM) running on Windows
Server 2012 R2 host, there is a BootServiceData memory block at
the address 47.449MB and the memory is not writable.
Without the patch, the loader will crash in efi_copy_finish():
see PR 211746.
The patch verifies the end of the staging area, and reduces its
size if necessary. This way, the loader will not try to write into
the BootServiceData memory any longer.
Thank Marcel Moolenaar for helping me on this issue!
The patch also allocates the staging area in the first 1GB memory.
See the comment in the patch for this.
r314770
loader.efi: fix recent UEFI-boot regression on physical machines
This patch fixes my recent patch
"loader.efi: reduce the size of the staging area if necessary", which
causes EFI-boot failure on physical machines since Mar 2:
on the host there is a 1MB LoaderData memory range, which splits
the big Conventional Memory range into a small one (15MB) and a
big one: the small one is too small to hold the staging area.
We can actually use the LoaderData range safely, because when
amd64_tramp -> efi_copy_finish() starts to run, we're almost at
the very end of the efi loader code and we're going to "return"
to the kernel entry, so we're pretty sure we won't access any loader
data any more.
For people who are interested in the details: please see
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211746#c22
PS, some people also reported the regression happened to FreeBSD VM
running on Bhyve in EFI mode. This patch should resolve it too,
though I don't have such a setup to test.
r314828
loader.efi: fix an off-by-one bug in efi_verify_staging_size()
Also remove the warning message: it may not be unusual to see
the memory range containing 2MB is not of EfiConventionalMemory.
Sponsored by: Microsoft
r314891
loader.efi: finally fix the off-by-one bug in efi_verify_staging_size()
r314828(loader.efi: fix an off-by-one bug in efi_verify_staging_size())
doesn't really fix the bug and this patch adds the missing part.
It's a shame that I didn't make everything correct at the very beginning...
Sponsored by: Microsoft
r314956
loader.efi: only reduce the size of the staging area on Hyper-V
Doing this on physical hosts turns out to be problematic, e.g. see comment
24 and 28 in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211746.
To fix the real underlying issue correctly & thoroughly, IMO we need
a relocatable kernel, but that would require a lot of complicated long
term work: https://reviews.freebsd.org/D9686?id=25414#inline-56969
For now, let's only apply efi_verify_staging_size() to VMs running on
Hyper-V, and restore the old behavior on physical machines since that
has been working for people for a long period of time, though that's
potentially unsafe...
Sponsored by: Microsoft
r314962
loader.efi: only include the machine/ header files on x86
The 2 files may not exist on other archs like aarch64 and hence we
can have a build failure there.
Reported by: lwhsu
Sponsored by: Microsoft
r315235
loader.efi: use stricter check for Hyper-V
Some other hypervisors like Xen can pretend to be Hyper-V but obviously
they can't implement all Hyper-V features. Let's make sure we're genuine
Hyper-V here.
ngie [Thu, 30 Mar 2017 05:47:18 +0000 (05:47 +0000)]
Backport mlx4{en,ib}(4) from ^/head
MFCing other pieces would be very structurally disruptive. This just
brings back the manpages so they can be used by end-users and to ease
future backports.
svn:mergeinfo omitted, in part because this is a direct commit to
^/stable/11.
ngie [Thu, 30 Mar 2017 05:14:52 +0000 (05:14 +0000)]
MFC r314372:
Use "build" instead of "all" when building ports modules
"all" in ports currently means "stage the ports", which requires root today,
and brings to light other potential issues, like ENAMETOOLONG with staged
directories (bug 161481, etc).
This fixes buildkernel for me when run as a non-root user, assuming all
of the prerequisites have been installed beforehand and are up-to-date.
gnn [Thu, 30 Mar 2017 02:50:21 +0000 (02:50 +0000)]
MFC: 313176, 313177, 313359
Replace the implementation of DTrace's RAND subroutine for generating
low-quality random numbers with a modern implementation (xoroshiro128+)
that is capable of generating better quality randomness without compromising performance.
gnn [Thu, 30 Mar 2017 02:38:30 +0000 (02:38 +0000)]
MFC: 311225, 311243, 313045
Fix DTrace TCP tracepoints to not use mtod() as it is both unnecessary and
dangerous. Those wanting data from an mbuf should use DTrace itself to get
the data.
Add an mbuf to ipinfo_t translator to finish cleanup of mbuf passing to TCP probes.
sevan [Thu, 30 Mar 2017 00:58:04 +0000 (00:58 +0000)]
MFC 315964
ftp.microsoft.com is dead and the document was not archived, point to the full
protocol spec document instead.
Fix spelling mistake flagged by igor.
Rephrase bad sentence flagged by igor.
mav [Wed, 29 Mar 2017 16:10:34 +0000 (16:10 +0000)]
MFC r315507: Reorganize RQSTYPE_NOTIFY handling for chips <= 23xx.
There were two copies of the code: one in generic code was half-broken, and
another in platform code was never called. Leave only one in generic code
and working.
mav [Wed, 29 Mar 2017 15:42:35 +0000 (15:42 +0000)]
MFC r315307: Refactor interrupt handling.
Instead of single isp_intr() function doing all possible magic, introduce
four different functions to handle mailbox operation completions, async
events, response and ATIO queues. The goal is to isolate different code
paths to make code more readable, and to make easier support for multiple
interrupt vectors. Even oldest hardware in many cases can identify what
code path it should run on interrupt. Contemporary hardware can assign
them to different interrupt vectors.
mav [Wed, 29 Mar 2017 15:25:34 +0000 (15:25 +0000)]
MFC r314870: Add mechanism to unload CAM periph drivers.
For now it allows to unload CTL kernel module if there are no target-capable
SIMs in CAM. As next step full teardown of CAM targets can be implemented.
ngie [Wed, 29 Mar 2017 08:00:13 +0000 (08:00 +0000)]
MFC r315699:
Print out name of non-dynamic sysctl in sysctl_remove_oid_locked
This will provide a slightly better smoking gun than just stating
"can't remove non-dynamic nodes!" when calling sysctl_ctx_free(9)
and sysctl_remove_{name,oid}(9) with a non-dynamic (likely
static) sysctl.
ngie [Wed, 29 Mar 2017 07:30:59 +0000 (07:30 +0000)]
MFC r315697:
libkvm: fix warning issues post-r291406
- Fix -Wunused warnings with *_native detection handlers by marking `kd`
__unused, except with arm/mips, where a slightly more complicated scheme
is required to handle the native case vs the non-native case.
- Fix -Wmissing-variable-declarations warnings by marking struct kvm_arch
objects static.
Tested with: WIP test code (D10024) // kgdb7121 (i386 crash/kernel on amd64)
np [Wed, 29 Mar 2017 02:20:07 +0000 (02:20 +0000)]
MFC r315201, r315920, r315921, r315922, r316008, and r316062.
r315201:
cxgbe(4): Fix an always-true assertion (reported by PVS-Studio).
sys/dev/cxgbe/t4_main.c: PVS-Studio: Expression is Always True (CWE-571) (3)
r315920:
cxgbe/iw_cxgbe: c4iw_connect should always returns a -ve errno on failure.
r315921:
cxgbe/iw_cxgbe: alloc_ep expects a gfp_t, and it's always ok to sleep during
alloc_ep.
r315922:
cxgbe/iw_cxgbe: allocations that use GFP_KERNEL (which is M_WAITOK on
FreeBSD) cannot fail.
r316008:
cxgbe/iw_cxgbe: Remove unused code.
r316062:
cxgbe/iw_cxgbe: Defer the handling of error CQEs and RDMA_TERMINATE to
the thread that deals with socket state changes. This eliminates
various bad races with the ithread.
vangyzen [Wed, 29 Mar 2017 01:21:48 +0000 (01:21 +0000)]
MFC r315280 r315287
When the RTC is adjusted, reevaluate absolute sleep times based on the RTC
POSIX 2008 says this about clock_settime(2):
If the value of the CLOCK_REALTIME clock is set via clock_settime(),
the new value of the clock shall be used to determine the time
of expiration for absolute time services based upon the
CLOCK_REALTIME clock. This applies to the time at which armed
absolute timers expire. If the absolute time requested at the
invocation of such a time service is before the new value of
the clock, the time service shall expire immediately as if the
clock had reached the requested time normally.
Setting the value of the CLOCK_REALTIME clock via clock_settime()
shall have no effect on threads that are blocked waiting for
a relative time service based upon this clock, including the
nanosleep() function; nor on the expiration of relative timers
based upon this clock. Consequently, these time services shall
expire when the requested relative interval elapses, independently
of the new or old value of the clock.
When the real-time clock is adjusted, such as by clock_settime(3),
wake any threads sleeping until an absolute real-clock time.
Such a sleep is indicated by a non-zero td_rtcgen. The sleep functions
will set that field to zero and return zero to tell the caller
to reevaluate its sleep duration based on the new value of the clock.
amdmi3 [Tue, 28 Mar 2017 10:43:19 +0000 (10:43 +0000)]
MFC r315242: Fix late and noauto with geli swap
With the following in /etc/fstab:
/dev/gpt/swap.eli none swap sw,late 0 0
swap will not be enabled, with `swapon -aL' complaining:
swapon: Invalid option: late
This happens because swap_on_geli_args() which parses geli arguments
out of all mount options does not expect late or noauto among them.
Fix this by explicitly allowing these arguments.
It was implemented to reduce context switches when uploading firmware to
card's RAM. But this mechanism is not used last 10 years since all mbox
operations are now polled, and it was never used for cards produced in
last 15 years. Newer cards can use DMA to upload firmware.
mav [Tue, 28 Mar 2017 10:11:00 +0000 (10:11 +0000)]
MFC r315234: Improvements around attach, reset and detach.
This change fixes DMA resource leak on driver unload. Also it removes
DMA resources allocation for hardcoded number of requests before fetching
the real number from firmware. Also it prepares ground for more flexible
IRQs allocation according to firmware capabilities.
ngie [Tue, 28 Mar 2017 06:13:21 +0000 (06:13 +0000)]
MFC r313436,r313437,r313438,r314587,r315687:
r313436:
Clarify #includes for hexdump(3) vs sbuf_hexdump(9)
hexdump(3) only requires libutil.h, whereas sbuf_hexdump(9) requires
sys/types.h (for ssize_t) and sys/sbuf.h
r313437:
Create link from hexdump(3) to sbuf_hexdump(9) as the manpage describes
sbuf_hexdump(9)'s behavior
r313438:
Clean up trailing and leading whitespace for variables to make it
consistent with the rest of the file and style.Makefile(9) a bit
more
r314587:
Correct MLINKS for sbuf_hexdump(9)
sbuf_hexdump(9) should be linked to sbuf(9), not hexdump(3). Another
review will be posted to deduplicate the sbuf_hexdump reference in
in hexdump(3) or at the very least make the information less duplicative.
r315687:
Document sbuf_hexdump(9) in just sbuf(9)
- Remove duplicate references to sbuf_hexdump(9) from hexdump(3).
sbuf_hexdump(9) already pointed back to hexdump(3) for implementation
details.
- Refer to sbuf_hexdump(9) instead of sbuf(9) for completeness
kib [Tue, 28 Mar 2017 06:07:59 +0000 (06:07 +0000)]
MFC r315281:
Use atop() instead of OFF_TO_IDX() for convertion of addresses or
addresses offsets, as intended.
MFC r315580 (by alc):
Simplify the logic for clipping the range returned by the pager to fit
within the map entry.
Use atop() rather than OFF_TO_IDX() on addresses.
ngie [Tue, 28 Mar 2017 06:03:43 +0000 (06:03 +0000)]
MFC r315686,r315688:
r315686:
kvm_geterr: handle `kd` == NULL in a deterministic/graceful manner
Return a NUL string instead of just working by accident with kvm_geterr(3)
when MALLOC_PRODUCTION is disabled (I didn't confirm the MALLOC_PRODUCTION
being enabled path).
Document the new explicit return behavior for kvm_geterr(3), as well
as the previous implicit behavior, i.e., the buffer attached to
returned via kvm_geterr(3) would be empty if a previous error hadn't been
stored in `kd`.
r315688:
kvm_write: fix -Wcast-qual warning in pointer arithmetic argument
Cast buf to `const char *` when doing arithmetic operation to match
`cp`'s type [1].